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Art Unit: 2131 

1 This action is in response to the communication filed on 12/01/2006. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments filed 12/1/2006 have been fully considered but they are not 

5 persuasive. 

6 The examiner first points out that the numerous differences between Glover and the 



7 claimed invention, as alleged by the applicants, are merely nominal differences. The "computer 

8 program file" of Glover is functionally equivalent to the "device driver" of the claimed 

9 invention. Also, the "unwrap procedure" and "device driver" of Glover are functionally 

10 equivalent to the "initialization process" and "decryption" of the claimed invention. Further, the 

1 1 "hidden application" of Glover is functionally equivalent to the "encrypted code" of the claimed 

12 invention. The examiner has included a diagram labeled Appendix A, which compares 

13 illustrates the functional equivalencies between Glover and the claimed invention. The examiner 

14 further notes that there are no limitations in the claim language that distinguish the functionality 

15 of the claimed "device driver" in the method claims from the "computer program file" of Glover. 

16 Regarding the applicants' argument that, in Glover, the "device driver" of the "computer 

17 program file" is separate from the encrypted code portion, and therefore the "device driver" does 

18 not comprise the encrypted code portion, the examiner does not find the argument persuasive. 

19 The applicants appear to have misinterpreted the rejection, and as such the examiner has added 

20 more citations to the prior art rejections below in order to clarify the rejection. Further, the 

21 examiner points out that the "computer program file" of Glover reads on the "device driver" as 

22 claimed. The "device driver" of Glover reads on the "decryption" portion of the "initialization 
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1 process" as claimed. And, the "hidden application" reads on the "encrypted code" as claimed. 

2 This does not coincide with the applicants' argument that element 52 of Glover does not contain 

3 the "hidden application" 54 of Glover. Because the examiner has not relied upon element 52 

4 comprising element 54, the examiner does not find the argument persuasive. 

5 Regarding applicants' argument that no part of the device driver in Glover has been 

6 encrypted, the examiner does not find the argument persuasive. Again, the examiner has relied 

7 upon functionally equivalent "computer program file" 126 of Glover as reading on the claimed 

8 device driver. Element 126 of Glover not only contains an encrypted "hidden application", but 

9 further disclosed that this hidden application can be a device driver. This is seen in Glover Col. 

10 9 Paragraph 2, especially Lines 33-35. As such, the examiner does not find the argument 

1 1 persuasive. 

12 Regarding applicants' argument that Glover did not disclose that the device driver itself 

13 comprises an encrypted program code portion which is then decrypted, the examiner does not 

14 find the argument persuasive. As discussed above, the examiner has relied upon functionally 

15 equivalent "computer program file" 126 of Glover as reading on the claimed device driver. 

16 Element 126 of Glover not only contains an encrypted "hidden application", but further disclosed 

17 that this hidden application can be a device driver. This is seen in Glover Col. 9 Paragraph 2, 

18 especially Lines 33-35. Further still, Glover disclosed in Col. 9 Paragraph 2, that the hidden 

19 application is decrypted in order to provide access to the application. As such, the examiner does 

20 not find the argument persuasive. 

21 Regarding applicants' argument that the device driver of Glover decrypts the encrypted 

22 code from the file system driver, not the device driver itself, the examiner does not find the 
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1 argument persuasive. Once again, the examiner has relied upon functionally equivalent 

2 "computer program file" 126 of Glover as reading on the claimed device driver. Element 126 of 

3 Glover not only contains an encrypted "hidden application", but further disclosed that this hidden 

4 application can be a device driver. This is seen in Glover Col. 9 Paragraph 2, especially Lines 

5 33-35. Further still, Glover disclosed in Col. 9 Paragraph 2, that the hidden application is 

6 decrypted, by element 52 which is contained within element 126, in order to provide access to 

7 the application. This is seen is Col. 9 Paragraph 2. As such, the examiner does not find the 

8 argument persuasive. 



9 Because the examiner does not find the arguments persuasive, the examiner has 

10 maintained the previously presented prior art rejections, and has provided a more detailed 

1 1 rejection in order to clarify the rejection of the claims. 

12 All objections and rejections not set forth below have been withdrawn. 

13 Claims 1-14 have been examined. 

14 Claim Rejections - 35 USC § 102 

15 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

16 basis for the rejections under this section made in this Office action: 

1 7 A person shall be entitled to a patent unless - 

1 8 (b) the invention was patented or described in a printed publication in this or a foreign 

1 9 country or in public use or on sale in this country, more than one year prior to the date of 

20 application for patent in the United States. 
21 

22 Claims 1-2, and 4-5 are rejected under 35 U.S.C. 102(b) as being anticipated by Glover 

23 (US Patent Number 6,052,780). 
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1 Regarding claim 1, Glover disclosed a method for operating a device driver (See Glover 

2 Abstract and Col. 9 Lines 7-9), comprising the steps of: providing a device driver (See Glover 

3 Fig. 7 "Computer Program File") comprising an encrypted program code portion of a main 

4 process thereof (See Glover Col. 9 Lines 25-35 hidden information); decrypting the encrypted 

5 program code portion in an initialization process (See Glover Fig. 7 "Unwrap Procedure" and 

6 "Device Driver") of said device driver (See Glover Col. 9 Lines 25-35), wherein the decrypting 

7 is performed by said device driver (Computer Program File) and the encrypted program code 

8 portion to be decrypted is in said device driver's own program (See Glover Figs. 6-7, and Col. 1 1 

9 Paragraph 2); executing the decrypted program code portion (See Glover Col. 1 1 Lines 3-5) and 

10 re-encrypting the executed decrypted program code portion in an end process of the device 

1 1 driver, in which said device driver is released, wherein the re-encrypting is performed by the 

12 device driver (See Glover Col. 10 Lines 45-47 and Col. 22 Lines 32-36). 

13 Claim 2 is rejected for the same reasons as claim 1 above and further because Glover 

14 disclosed initializing (Unwrap Procedure) the device driver (Computer Program File) before 

15 decrypting the portions of code (See Glover Col, 9 Lines 16-19 and Col. 10 Lines 19-27). 

16 Regarding claims 4-5, Glover disclosed extracting a numeric value from an application; 

17 and a creating key, corresponding to the numeric value, for decrypting and re-encrypting the 

18 program code portion in said decrypting and re-encrypting of the program code portion steps 

19 (See Glover Col. 21 Lines 32-38). 
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1 Claim Rejections - 35 USC § 103 

2 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

3 obviousness rejections set forth in this Office action: 

4 A patent may not be obtained though the invention is not identically disclosed or 

5 described as set forth in section 102 of this title, if the differences between the subject matter 

6 sought to be patented and the prior art are such that the subject matter as a whole would have 

7 been obvious at the time the invention was made to a person having ordinary skill in the art to 

8 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

9 the invention was made. 
10 

1 1 Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover, and further 

12 in view of Schneier ("Applied Cryptography, Second Edition"). 

13 Glover disclosed encrypting a program code portion, decrypting the program code 

14 portion, executing the decrypted program code portion, and re-encrypting the program code 

15 portion after processing was complete (See the rejection of claim 1 above and Col. 9 Lines 22-24 

16 and Lines 33-35), but failed to disclose encrypting and decrypting with two different keys. 

17 Schneier teaches that double encryption using two different keys provides two times the 

18 security of single encryption (See Schneier Section 15.1). 

19 It would have been obvious to the ordinary person skilled in the art at the time of 

20 invention to employ the teachings of Schneier in the encryption, decryption, re-encryption 

21 system of Glover, by encrypting the portion of code with one key and encrypting the result with 

22 a second key and decrypting in a reverse manner. This would have been obvious because the 

23 ordinary person skilled in the art at the time of invention would have been motivated to increase 

24 the security of the encrypted program. 
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1 Claims 6-11 rejected under 35 U.S.C. 103(a) as being unpatentable over Glover as 

2 applied to claims 1-2 above, and further in view of McManis (US Patent Number 5.757.914). 

3 Regarding claims 6-7, Glover disclosed the device driver communicating with an 

4 application (See Glover Col. 10 Lines 34-47), but failed to disclose authentication between the 

5 two. 

6 McManis teaches a method for protecting two communicating applications in which 



7 before process A calls process B, A authenticates B by verifying the integrity of B, and before B 

8 responds to A, B verifies the integrity of A, and in both cases if the verification fails execution is 

9 aborted (See McManis Col. 3 Line 53- Col. 6 Line 9). 

10 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to employ the teachings of McManis in the dynamically loaded device driver by 

12 mutually authenticating the calling application and the device driver by integrity verification 

13 when a request is made by the application to the device driver. This would have been obvious 

14 because the ordinary person skilled in the art would have been motivated to protect the use of the 



15 application as well as the use of the dynamically loaded device driver. 

16 Regarding claims 8-9, the combination of Glover and McManis disclosed providing an 

17 application, which requests the device driver (See Glover Col. 1 1 Lines 6-11), utilizing the 

1 8 application to detect whether or not the program code portion of said device driver has been 

19 forged before supplying output data to said device driver, and when the program code portion of 

20 said device driver has been forged, the application stops outputting the output data to hardware, 

21 and utilizing the device driver to detect whether or not a program code portion of the application 

22 has been forged before supplying input data to the application, and when the program code 
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1 portion of the application has been forged, said device driver stops outputting the input data to 

2 the application (See McManis. Fig 2 and related text). 

3 Regarding claims 10-1 1, the combination of Glover and McManis disclosed that said 

4 device driver does not decrypt encrypted data of the application, and wherein only when the 

5 program code portion of said device driver has not been forged, the application decrypts the 

6 encrypted data and provides the decrypted data as the output data to said device driver (See 

7 McManis Col. 5 Lines 50-67). 



8 Claims 12-13 are rejected under 35 U.S. C. 103(a) as being unpatentable over Glover as 

9 applied to claims 1 and 2 above, and further in view of Cabrera et al. (US Patent Number 

10 5,978,815) hereinafter referred to as Cabrera. 

1 1 Glover disclosed a device driver being executed (See Glover Col. 9 Lines 33-35 and Col. 

12 10 Lines 43-47), but failed to disclose the device driver communicating between an application 

13 arranged at a user level and hardware arranged at a privilege level. 

14 Cabrera teaches that device drivers are used to^ communicate between hardware and 

15 software and that the software typically runs in a user mode and the driver operates at the 

16 privilege level (See Cabrera Col. 7 Paragraph 2). 

17 It would have been obvious to the ordinary person skilled in the art at the time of 

1 8 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

19 by having the device driver communicate between a user mode application and hardware 

20 arranged at the privilege level. This would have been obvious because the ordinary person 

21 skilled in the art would have been motivated to allow the driver to perform many functions that 

22 would not be possible from user mode. 
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1 Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover and 

2 McManis as applied to claim 3 above, and further in view of Cabrera. 

3 Glover and McManis disclosed a device driver being executed (See Glover Col. 9 Lines 

4 33-35 and Col. 10 Lines 43-47), but failed to disclose the device driver communicating between 

5 an application arranged at a user level and hardware arranged at a privilege level. 

6 Cabrera teaches that device drivers are used to communicate between hardware and 

7 software and that the software typically runs in a user mode and the driver operates at the 

8 privilege level (See Cabrera Col. 7 Paragraphs). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 

10 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

1 1 and McManis by having the device driver communicate between a user mode application and 



12 hardware arranged at the privilege level. This would have been obvious because the ordinary 

13 person skilled in the art would have been motivated to allow the driver to perform many 

14 functions that would not be possible from user mode. 
15 

16 
17 
18 

19 Conclusion 

20 Claims 1-14 have been rejected. 

21 The prior art made of record and not relied upon is considered pertinent to applicant's 

22 disclosure. 
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1 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

2 policy as set forth in 37 CFR 1.136(a). 

3 A shortened statutory period for reply to this final action is set to expire THREE 

4 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

5 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

6 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

7 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

8 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 

9 however, will the statutory period for reply expire later than SIX MONTHS from the mailing 

1 0 date of this final action. 

1 1 Any inquiry concerning this communication or earlier communications from the 

12 examiner should be directed to Matthew T. Henning whose telephone number is (571) 272-3790. 

13 The examiner can normally be reached on M-F 8-4. 

14 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

15 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

16 organization where this application or proceeding is assigned is 571-273-8300. 



Application/Control Number: 10/076,404 
Art Unit: 2131 



Page 1 1 



Information regarding the status of an application may be obtained from the Patent 



2 Application Information Retrieval (PAIR) system. Status information for published applications 

3 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

4 applications is available through Private PAIR only. For more information about the PAIR 

5 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

6 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 

7 like assistance from a USPTO Customer Service Representative or access to the automated 

8 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




9 

10 
11 
12 
13 
14 



Matthew Henning 
Assistant Examiner 
Art Unit 2131 
3/27/2007 
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